Federal and state regulators should be nervous about the apparent ease an alleged saboteur gained access to a California data center and attempted to take out the state’s power grid.
The Federal Bureau of Investigation (FBI), last week arrested Lonnie Denison, age 32, and charged him with the federal crime of attempted destruction of an electrical facility. The story goes that on April 15, the California Independent System Operator Corporation (CAL-ISO) which runs most of California’s electrical grid contacted the FBI to report a disruption which occurred to the CAL-ISO computer systems. CAL-ISO, through surveillance cameras and employee security access codes, identified Denison an employee of contractor Science Applications International, as the person believed to be responsible for the disruption. SAI hired Denison.
Denison was able to enter the building and high-security rooms — allowed in by electronic card readers and a handprint scanner — even though his employer had warned days earlier that he should be denied access to the facility, authorities told the Los Angeles Times.
According to the FBI affidavit, Denison had earlier in the day tried and failed to log on to access the Cal-ISO computer network. That’s when he went to the facility and around midnight broke a glass seal and pushed an emergency electricity shut-off button. That act blacked-out the Cal-ISO building in Folsom, a Sacramento suburb and crashed computers used to communicate with the power market. Twenty computer technicians worked for seven hours to restore the systems, according to the LA Times story.
The act caused no blackouts but could have disrupted the western United States' power grid had it happened during hours of peak demand for electricity, such as a summer afternoon, the FBI said in an affidavit that accompanied a criminal complaint filed against Denison.
Not surprisingly Cal-ISO is investigating its security procedures. SAI is also reexamining its personnel screening methods. According to the FBI, Denison became upset last week after a dispute with SAI. The peeved techie, if found guilty, could be looking a maximum five-year prison sentence and a $5,000 fine.
For some observers this latest act is one of myriad examples of how security threats from within are way more prevalent and destructive than threats from outside. It’s also the second case this month where a techie with inside network access faced the long arm of the law.
In that case, a former government contractor whose top-secret security clearance let him sabotage Navy 6th Fleet computers was sentenced to a year in prison. Richard Sylvestre of Boylston, Mass., pleaded guilty to one count of damaging protected computers and could have faced as much as 10 years in prison.
According to this article in the Virginian-Pilot, Sylvestre planted a logic bomb in several navy computers after his company was passed over on a bid. He then fled to Italy. In this attack three of the five navy computers used to track submarines were shut down as a result of these actions. If all five had been shut down, the navy would have been blind.
The Leader in Network Knowledge
Power Grid
You have several inaccuracies in what you post here:
1. "Denison was able to enter the building and high-security rooms — allowed in by electronic card readers and a handprint scanner — even though his employer had warned days earlier that he should be denied access to the facility, authorities told the Los Angeles Times."
This is false. SAIC never informed CAL-ISO about issues with Mr. Denison.
2. "That act blacked-out the Cal-ISO building in Folsom, a Sacramento suburb and crashed computers used to communicate with the power market."
Wrong again. Only part of the computer systems were affected by Mr. Denison's actions. The power remained intact throughout the rest of the Folsom facility.
3. Your inference seems to indicate the power grid was affected. At no time was it. I was onsite and can tell you that at no time was the power grid affected by this incident.
You should confirm your facts before posting.